| |
| |||||||
Log-Analyse und Auswertung: Interpol-VirusWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
09.10.2013, 13:33
| #1 |
 |  Interpol-Virus Lieber Helfer, ich habe wie schon in mehreren Themen hier den Interpol Virus, bei dem man 100€ Strafe zahlen soll, aber da ich mein eigenes Logfile habe, habe ich ein neues Thema erstellt. habe wie im anderen Thema die ganzen Anleitungen durch, das heißt mit FRST auf meinem infizierten Rechner einen Scan über Reperaturoptionen durchgeführt, und so sieht die frst.txt aus: PHP-Code: |
|
09.10.2013, 13:47
| #2 |
| /// TB-Ausbilder   | Interpol-Virus Hallo,
__________________startet der Rechner nach folgendem Fix wieder normal? Drücke bitte die  + R Taste und schreibe notepad in das Ausführen Fenster.Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter Startup: C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\dlfdwba.lnk
ShortcutTarget: dlfdwba.lnk -> C:\PROGRA~3\abwdfld.plz ()
S2 Winmgmt; C:\PROGRA~3\dlfdwba.pzz [60512 2013-10-09] (Microsoft Corporation)
S2 Winmgmt; C:\PROGRA~3\dlfdwba.pzz [60512 2013-10-09] (Microsoft Corporation)
2013-10-09 03:21 - 2013-10-09 03:56 - 95025368 ____T C:\ProgramData\dlfdwba.pff
2013-10-09 03:21 - 2013-10-09 03:56 - 00000000 _____ C:\ProgramData\dlfdwba.ctrl
2013-10-09 03:21 - 2013-10-09 03:21 - 00114688 _____ C:\ProgramData\abwdfld.plz
2013-10-09 03:21 - 2013-10-09 03:21 - 00060512 ____T (Microsoft Corporation) C:\ProgramData\dlfdwba.pzz
Das Tool erstellt eine Fixlog.txt auf deinem USB Stick. Poste den Inhalt bitte hier.
__________________ |
|
09.10.2013, 13:56
| #3 |
| | Interpol-Virus Danke für die schnelle Antwort.
__________________Ja, ich kann wieder voll auf mein System zugreifen, der Bildschirm ist nicht mehr gesperrt. Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-10-2013
Ran by SYSTEM at 2013-10-09 14:53:54 Run:1
Running from H:\
Boot Mode: Recovery
==============================================
Content of fixlist:
*****************
Startup: C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\dlfdwba.lnk
ShortcutTarget: dlfdwba.lnk -> C:\PROGRA~3\abwdfld.plz ()
S2 Winmgmt; C:\PROGRA~3\dlfdwba.pzz [60512 2013-10-09] (Microsoft Corporation)
S2 Winmgmt; C:\PROGRA~3\dlfdwba.pzz [60512 2013-10-09] (Microsoft Corporation)
2013-10-09 03:21 - 2013-10-09 03:56 - 95025368 ____T C:\ProgramData\dlfdwba.pff
2013-10-09 03:21 - 2013-10-09 03:56 - 00000000 _____ C:\ProgramData\dlfdwba.ctrl
2013-10-09 03:21 - 2013-10-09 03:21 - 00114688 _____ C:\ProgramData\abwdfld.plz
2013-10-09 03:21 - 2013-10-09 03:21 - 00060512 ____T (Microsoft Corporation) C:\ProgramData\dlfdwba.pzz
*****************
C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\dlfdwba.lnk => Moved successfully.
C:\PROGRA~3\abwdfld.plz => Moved successfully.
Winmgmt => Service restored successfully.
Winmgmt => Service restored successfully.
C:\ProgramData\dlfdwba.pff => Moved successfully.
C:\ProgramData\dlfdwba.ctrl => Moved successfully.
"C:\ProgramData\abwdfld.plz" => File/Directory not found.
C:\ProgramData\dlfdwba.pzz => Moved successfully.
==== End of Fixlog ====
|
|
09.10.2013, 14:27
| #4 |
| /// TB-Ausbilder | Interpol-Virus Gut. Verschiebe die frst64.exe vom USB-Stick auf den Desktop.
__________________ cheers, Leo |
|
09.10.2013, 20:06
| #5 |
| | Interpol-Virus Danke schonmal! Hier die beiden log-Dateien: frst.txt: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by André (administrator) on ANDRÉ-HP on 09-10-2013 21:04:07
Running from C:\Users\André\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Nero AG) C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
() C:\Program Files\Core Temp\Core Temp.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(Motorola Mobility Inc.) C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoCast.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
() C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Google Inc.) C:\Users\André\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\André\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\André\AppData\Local\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\André\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\André\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-03-11] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-17] (Synaptics Incorporated)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [Monitor] - C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKCU\...\Run: [EADM] - C:\André\Spiele\NFS the Run\Origin\Origin.exe [3551576 2013-10-01] (Electronic Arts)
HKCU\...\Run: [msnmsgr] - "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKCU\...\Run: [Google Update] - C:\Users\André\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-05-30] (Google Inc.)
HKCU\...\Run: [MotoCast] - C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoLauncher.lnk [2047 2013-08-18] ()
MountPoints2: {2f73fe7c-9380-11e2-b990-082e5f8089eb} - F:\startup.exe
MountPoints2: {3fab2140-5a60-11e2-9fff-082e5f8089eb} - H:\LGAutoRun.exe
MountPoints2: {5fd8542e-e7e5-11e2-8130-082e5f8089eb} - G:\AutoRun.exe
MountPoints2: {5fd8543d-e7e5-11e2-8130-082e5f8089eb} - H:\AutoRun.exe
MountPoints2: {7674f485-aa2d-11e1-94b1-806e6f6e6963} - E:\autorun.exe
MountPoints2: {7a8eb4ea-e956-11e2-b48a-082e5f8089eb} - G:\AutoRun.exe
MountPoints2: {edfd2c51-dc72-11e1-8afb-082e5f8089eb} - G:\MotoCastSetup.exe -a
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-13] (Intel Corporation)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586296 2010-11-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [318520 2011-01-27] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPConnectionManager] - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [103992 2011-06-14] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4851760 2013-09-15] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Magic Desktop for HP notification] - C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1238016 2013-07-27] (Easybits)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT/4
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {C0B93072-C5B9-4412-9A37-4012A29AE9D3} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 - {C0B93072-C5B9-4412-9A37-4012A29AE9D3} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - {C0B93072-C5B9-4412-9A37-4012A29AE9D3} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll No File
BHO-x32: ICQ Sparberater - {0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD} - No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll No File
Toolbar: HKLM-x32 - No Name - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll No File
Handler-x32: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{768CBBCF-9473-4CA7-A592-BE530A1D8B9D}: [NameServer]10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{ADD6E83C-4E81-4D2A-9A22-6D3CF394C69B}: [NameServer]10.74.210.210 10.74.210.211
Chrome:
=======
CHR RestoreOnStartup: "hxxp://facebook.com/"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Andr\u00E9\AppData\Local\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Andr\u00E9\AppData\Local\Google\Chrome\Application\30.0.1599.69\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Andr\u00E9\AppData\Local\Google\Chrome\Application\30.0.1599.69\gcswf32.dll No File
CHR Plugin: (Simple Pass 2011) - C:\Users\Andr\u00E9\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe\1.0_0\npwebsitelogon.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U24) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (WildTangent Games App Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
CHR Plugin: (Windows Live\\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
CHR Plugin: (Google Update) - C:\Users\Andr\u00E9\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Extension: (Website Logon) - C:\Users\ANDR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe\1.0_0
CHR Extension: (YouTube) - C:\Users\ANDR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\ANDR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\ANDR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\ANDR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [aepeildmfnnehghlknddebgjghlompfe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx
CHR HKLM-x32\...\Chrome\Extension: [nmpllndkedbnmonoomepeeglghdelffo] - C:\Program Files (x86)\icq\Chrome\icq-1.3.671.crx
CHR StartMenuInternet: Google Chrome - C:\Users\André\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1358944 2013-09-22] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3538480 2013-09-03] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301152 2013-09-22] (AVG Technologies CZ, s.r.o.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [344928 2011-01-28] ()
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [224096 2013-07-08] ()
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-07-31] (Motorola Mobility LLC)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4687672 2012-05-15] (INCA Internet Co., Ltd.)
S2 ICQ Service; C:\PROGRA~2\ICQ6TO~1\ICQSER~1.EXE [x]
==================== Drivers (Whitelisted) ====================
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [147768 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [50296 2012-09-04] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [241464 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192824 2013-09-02] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-08] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2013-07-08] (Bytemobile, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-23] (DT Soft Ltd)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [212992 2013-07-08] (Huawei Technologies Co., Ltd.)
S3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [43456 2012-07-26] (hxxp://libusb-win32.sourceforge.net)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
S1 prodrv06; C:\Windows\SysWow64\drivers\prodrv06.sys [77184 2004-03-09] (Protection Technology)
S0 prohlp02; C:\Windows\SysWow64\drivers\prohlp02.sys [65504 2004-03-09] (Protection Technology)
S0 prosync1; C:\Windows\SysWow64\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology)
S0 sfhlp01; C:\Windows\SysWow64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology)
R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2013-07-08] (Bytemobile, Inc.)
R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2013-07-08] (Bytemobile, Inc.)
R3 ALSysIO; \??\C:\Users\ANDR~1\AppData\Local\Temp\ALSysIO64.sys [x]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [x]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [x]
S3 andnetndis; system32\DRIVERS\lgandnetndis64.sys [x]
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [x]
S3 motccgp; system32\DRIVERS\motccgp.sys [x]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [x]
S3 motmodem; system32\DRIVERS\motmodem.sys [x]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [x]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [x]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [x]
S1 prodrv06; \SystemRoot\System32\drivers\prodrv06.sys [x]
S0 prohlp02; System32\drivers\prohlp02.sys [x]
S0 prosync1; System32\drivers\prosync1.sys [x]
S0 sfhlp01; System32\drivers\sfhlp01.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-10 00:21 - 2013-10-10 00:21 - 00000000 ____D C:\FRST
2013-10-09 21:03 - 2013-10-09 14:19 - 01954124 _____ (Farbar) C:\Users\André\Desktop\FRST64.exe
2013-10-09 13:21 - 2013-10-09 13:21 - 00000000 ____D C:\Windows\Sun
2013-10-07 12:56 - 2013-10-07 12:56 - 00001963 _____ C:\Users\Public\Desktop\Ballance.lnk
2013-10-07 12:56 - 2013-10-07 12:56 - 00001963 _____ C:\ProgramData\Desktop\Ballance.lnk
2013-10-07 12:55 - 2013-10-07 12:56 - 00000000 ____D C:\Program Files (x86)\Ballance
2013-10-02 17:37 - 2013-10-02 17:37 - 00000000 ____D C:\Users\André\AppData\Local\LogMeIn
2013-10-02 17:37 - 2013-10-02 17:37 - 00000000 ____D C:\ProgramData\LogMeIn
2013-09-29 11:54 - 2013-09-29 11:54 - 00001847 _____ C:\Users\Public\Desktop\GeoGebra.lnk
2013-09-29 11:54 - 2013-09-29 11:54 - 00001847 _____ C:\ProgramData\Desktop\GeoGebra.lnk
2013-09-29 11:54 - 2013-09-29 11:54 - 00000000 ____D C:\Users\André\AppData\Roaming\GeoGebra 4.4
2013-09-29 11:54 - 2013-09-29 11:54 - 00000000 ____D C:\Program Files (x86)\GeoGebra 4.4
2013-09-29 11:50 - 2013-09-29 11:53 - 41578544 _____ (International GeoGebra Institute) C:\Users\André\Downloads\GeoGebra-Windows-Installer-4-3-31-0.exe
2013-09-28 12:05 - 2013-09-28 12:05 - 00003486 _____ C:\Windows\System32\Tasks\Motorola Device Manager Update
2013-09-28 12:05 - 2013-09-28 12:05 - 00003468 _____ C:\Windows\System32\Tasks\Motorola Device Manager Engine
2013-09-28 12:05 - 2013-09-28 12:05 - 00003294 _____ C:\Windows\System32\Tasks\Motorola Device Manager Initial Update
2013-09-28 12:04 - 2013-09-28 12:04 - 00000000 ____D C:\Program Files\Motorola Inc
2013-09-28 00:11 - 2013-09-28 00:11 - 00000000 ____D C:\Program Files (x86)\SP54024
2013-09-28 00:07 - 2013-09-28 00:08 - 05193912 _____ (Hewlett-Packard Company ) C:\Users\André\Downloads\sp54024.exe
2013-09-27 19:42 - 2013-09-27 19:42 - 00000000 ____D C:\Users\André\AppData\Roaming\AVG2014
2013-09-27 19:40 - 2013-09-27 19:40 - 00000977 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-09-27 19:40 - 2013-09-27 19:40 - 00000977 _____ C:\ProgramData\Desktop\AVG 2014.lnk
2013-09-27 19:38 - 2013-09-27 19:42 - 00000000 ____D C:\ProgramData\AVG2014
2013-09-27 19:34 - 2013-09-28 10:55 - 00000000 ____D C:\Users\André\AppData\Local\Avg2014
2013-09-21 09:57 - 2013-09-21 09:57 - 00287358 _____ C:\Users\André\Downloads\questhelper-v6.0.2.zip
2013-09-21 09:57 - 2013-09-21 09:57 - 00000000 ____D C:\Users\André\Downloads\questhelper-v6.0.2
2013-09-20 16:18 - 2013-09-20 16:18 - 00599568 _____ C:\Users\André\Downloads\model.rar
2013-09-20 16:18 - 2013-09-20 16:18 - 00000000 ____D C:\Users\André\Downloads\model
2013-09-19 15:21 - 2013-09-19 15:22 - 30010384 _____ (TeamSpeak Systems GmbH) C:\Users\André\Downloads\TeamSpeak3-Client-win32-3.0.12.exe
2013-09-12 15:43 - 2013-07-31 16:17 - 17833472 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-12 15:43 - 2013-07-31 15:42 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-12 15:43 - 2013-07-31 15:29 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-12 15:43 - 2013-07-31 15:20 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-12 15:43 - 2013-07-31 15:19 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-12 15:43 - 2013-07-31 15:18 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-09-12 15:43 - 2013-07-31 15:17 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-09-12 15:43 - 2013-07-31 15:16 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-12 15:43 - 2013-07-31 15:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-09-12 15:43 - 2013-07-31 15:13 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-12 15:43 - 2013-07-31 15:13 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-09-12 15:43 - 2013-07-31 15:11 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-12 15:43 - 2013-07-31 15:11 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-12 15:43 - 2013-07-31 15:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-09-12 15:43 - 2013-07-31 15:08 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-12 15:43 - 2013-07-31 15:05 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-12 15:43 - 2013-07-31 12:30 - 12335104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-12 15:43 - 2013-07-31 12:05 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-12 15:43 - 2013-07-31 12:00 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-12 15:43 - 2013-07-31 11:53 - 01104896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-12 15:43 - 2013-07-31 11:52 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-09-12 15:43 - 2013-07-31 11:52 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-12 15:43 - 2013-07-31 11:51 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-09-12 15:43 - 2013-07-31 11:49 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-12 15:43 - 2013-07-31 11:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-12 15:43 - 2013-07-31 11:48 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-09-12 15:43 - 2013-07-31 11:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-09-12 15:43 - 2013-07-31 11:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-12 15:43 - 2013-07-31 11:46 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-12 15:43 - 2013-07-31 11:45 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-12 15:43 - 2013-07-31 11:45 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-09-12 15:43 - 2013-07-31 11:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-12 12:26 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-12 12:26 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-12 12:26 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-12 12:26 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-12 12:26 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-12 12:26 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-12 12:26 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-12 12:26 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-12 12:26 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-12 12:26 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-12 12:26 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-12 12:26 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-12 12:26 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-12 12:26 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-12 12:26 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-12 12:26 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-12 12:26 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-12 12:26 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-12 12:26 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-12 12:26 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-12 12:26 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-12 12:26 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-12 12:26 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-12 12:26 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-12 12:26 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-12 12:26 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-12 12:26 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 12:26 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-12 12:26 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-12 12:26 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-12 12:26 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-12 12:26 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-10 13:40 - 2013-09-10 13:40 - 04215463 _____ C:\Users\André\Downloads\setupautoscreenrecorder31375.exe
2013-09-10 13:40 - 2013-09-10 13:40 - 00002071 _____ C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\AutoScreenRecorder 3.1 Pro.lnk
2013-09-10 13:40 - 2013-09-10 13:40 - 00000000 ____D C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wisdom-soft AutoScreenRecorder 3 Pro
2013-09-10 13:40 - 2013-09-10 13:40 - 00000000 ____D C:\Program Files (x86)\Wisdom-soft AutoScreenRecorder 3 Pro
==================== One Month Modified Files and Folders =======
2013-10-10 00:53 - 2012-05-30 11:13 - 00000000 ___RD C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-10 00:21 - 2013-10-10 00:21 - 00000000 ____D C:\FRST
2013-10-09 21:04 - 2013-03-30 11:13 - 00000000 ____D C:\ProgramData\MFAData
2013-10-09 21:02 - 2012-05-30 11:13 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{A872087D-1388-4A5A-9EA3-C91E7C039A32}
2013-10-09 21:01 - 2011-12-06 00:09 - 01887552 _____ C:\Windows\WindowsUpdate.log
2013-10-09 20:58 - 2013-08-04 23:02 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-09 20:58 - 2012-08-02 10:59 - 00000000 ____D C:\Users\André\.gstreamer-0.10
2013-10-09 20:58 - 2012-08-02 10:55 - 00000000 ____D C:\Users\André\AppData\Roaming\MotoCast
2013-10-09 20:57 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-09 20:57 - 2009-07-14 06:51 - 00195061 _____ C:\Windows\setupact.log
2013-10-09 15:00 - 2009-07-14 06:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-09 15:00 - 2009-07-14 06:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-09 14:19 - 2013-10-09 21:03 - 01954124 _____ (Farbar) C:\Users\André\Desktop\FRST64.exe
2013-10-09 13:21 - 2013-10-09 13:21 - 00000000 ____D C:\Windows\Sun
2013-10-09 13:14 - 2012-05-30 11:26 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3055925560-2104778183-246893781-1000UA.job
2013-10-09 13:13 - 2013-08-04 23:02 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-09 13:10 - 2012-05-30 14:10 - 00000000 ____D C:\Users\André\AppData\Roaming\Might & Magic Heroes VI
2013-10-09 12:49 - 2012-08-30 23:15 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-08 21:08 - 2013-08-04 23:02 - 00004104 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-08 21:08 - 2013-08-04 23:02 - 00003852 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-08 18:57 - 2012-05-31 09:27 - 00000000 ____D C:\Users\André\AppData\Local\CrashDumps
2013-10-07 14:14 - 2012-05-30 11:26 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3055925560-2104778183-246893781-1000Core.job
2013-10-07 12:56 - 2013-10-07 12:56 - 00001963 _____ C:\Users\Public\Desktop\Ballance.lnk
2013-10-07 12:56 - 2013-10-07 12:56 - 00001963 _____ C:\ProgramData\Desktop\Ballance.lnk
2013-10-07 12:56 - 2013-10-07 12:55 - 00000000 ____D C:\Program Files (x86)\Ballance
2013-10-07 12:55 - 2011-09-02 01:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-06 17:57 - 2012-05-30 21:31 - 00001894 _____ C:\Users\André\Desktop\Might & Magic Heroes VI - Verknüpfung.lnk
2013-10-06 17:55 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-02 18:49 - 2013-02-08 22:08 - 00000858 _____ C:\Windows\client.config.ini
2013-10-02 18:27 - 2010-11-21 05:47 - 00384648 _____ C:\Windows\PFRO.log
2013-10-02 17:37 - 2013-10-02 17:37 - 00000000 ____D C:\Users\André\AppData\Local\LogMeIn
2013-10-02 17:37 - 2013-10-02 17:37 - 00000000 ____D C:\ProgramData\LogMeIn
2013-10-02 17:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2013-09-29 11:54 - 2013-09-29 11:54 - 00001847 _____ C:\Users\Public\Desktop\GeoGebra.lnk
2013-09-29 11:54 - 2013-09-29 11:54 - 00001847 _____ C:\ProgramData\Desktop\GeoGebra.lnk
2013-09-29 11:54 - 2013-09-29 11:54 - 00000000 ____D C:\Users\André\AppData\Roaming\GeoGebra 4.4
2013-09-29 11:54 - 2013-09-29 11:54 - 00000000 ____D C:\Program Files (x86)\GeoGebra 4.4
2013-09-29 11:53 - 2013-09-29 11:50 - 41578544 _____ (International GeoGebra Institute) C:\Users\André\Downloads\GeoGebra-Windows-Installer-4-3-31-0.exe
2013-09-28 12:05 - 2013-09-28 12:05 - 00003486 _____ C:\Windows\System32\Tasks\Motorola Device Manager Update
2013-09-28 12:05 - 2013-09-28 12:05 - 00003468 _____ C:\Windows\System32\Tasks\Motorola Device Manager Engine
2013-09-28 12:05 - 2013-09-28 12:05 - 00003294 _____ C:\Windows\System32\Tasks\Motorola Device Manager Initial Update
2013-09-28 12:05 - 2012-08-02 10:57 - 00000000 ____D C:\Program Files (x86)\Motorola Mobility
2013-09-28 12:04 - 2013-09-28 12:04 - 00000000 ____D C:\Program Files\Motorola Inc
2013-09-28 11:22 - 2012-11-23 18:21 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForAndré
2013-09-28 11:22 - 2012-11-23 18:21 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForAndré.job
2013-09-28 10:55 - 2013-09-27 19:34 - 00000000 ____D C:\Users\André\AppData\Local\Avg2014
2013-09-28 00:11 - 2013-09-28 00:11 - 00000000 ____D C:\Program Files (x86)\SP54024
2013-09-28 00:08 - 2013-09-28 00:07 - 05193912 _____ (Hewlett-Packard Company ) C:\Users\André\Downloads\sp54024.exe
2013-09-27 23:53 - 2013-03-30 11:15 - 00000000 ____D C:\ProgramData\AVG2013
2013-09-27 19:42 - 2013-09-27 19:42 - 00000000 ____D C:\Users\André\AppData\Roaming\AVG2014
2013-09-27 19:42 - 2013-09-27 19:38 - 00000000 ____D C:\ProgramData\AVG2014
2013-09-27 19:42 - 2013-03-30 11:15 - 00000000 ___HD C:\$AVG
2013-09-27 19:42 - 2013-03-30 11:14 - 00000000 ____D C:\Program Files (x86)\AVG
2013-09-27 19:40 - 2013-09-27 19:40 - 00000977 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-09-27 19:40 - 2013-09-27 19:40 - 00000977 _____ C:\ProgramData\Desktop\AVG 2014.lnk
2013-09-21 13:26 - 2011-09-02 10:43 - 00657910 _____ C:\Windows\system32\perfh007.dat
2013-09-21 13:26 - 2011-09-02 10:43 - 00131250 _____ C:\Windows\system32\perfc007.dat
2013-09-21 13:26 - 2009-07-14 07:13 - 01507342 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-21 09:57 - 2013-09-21 09:57 - 00287358 _____ C:\Users\André\Downloads\questhelper-v6.0.2.zip
2013-09-21 09:57 - 2013-09-21 09:57 - 00000000 ____D C:\Users\André\Downloads\questhelper-v6.0.2
2013-09-20 16:18 - 2013-09-20 16:18 - 00599568 _____ C:\Users\André\Downloads\model.rar
2013-09-20 16:18 - 2013-09-20 16:18 - 00000000 ____D C:\Users\André\Downloads\model
2013-09-20 14:49 - 2012-08-30 23:15 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-20 14:49 - 2012-08-30 23:15 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-20 14:49 - 2012-08-30 23:15 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-19 15:22 - 2013-09-19 15:21 - 30010384 _____ (TeamSpeak Systems GmbH) C:\Users\André\Downloads\TeamSpeak3-Client-win32-3.0.12.exe
2013-09-19 15:22 - 2013-03-13 22:53 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2013-09-17 20:17 - 2013-02-08 20:11 - 00000000 ___HD C:\Users\André\Documents\Runes of Magic
2013-09-15 09:21 - 2012-06-01 00:19 - 00000000 ____D C:\Windows\System32\Tasks\Games
2013-09-12 21:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-12 17:53 - 2012-05-30 11:13 - 00000000 ___RD C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-12 17:52 - 2009-07-14 06:45 - 00418808 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-12 15:47 - 2013-07-15 15:28 - 00000000 ____D C:\Windows\system32\MRT
2013-09-12 15:45 - 2012-06-12 16:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-12 15:45 - 2012-06-02 09:25 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-10 13:40 - 2013-09-10 13:40 - 04215463 _____ C:\Users\André\Downloads\setupautoscreenrecorder31375.exe
2013-09-10 13:40 - 2013-09-10 13:40 - 00002071 _____ C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\AutoScreenRecorder 3.1 Pro.lnk
2013-09-10 13:40 - 2013-09-10 13:40 - 00000000 ____D C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wisdom-soft AutoScreenRecorder 3 Pro
2013-09-10 13:40 - 2013-09-10 13:40 - 00000000 ____D C:\Program Files (x86)\Wisdom-soft AutoScreenRecorder 3 Pro
Some content of TEMP:
====================
C:\Users\André\AppData\Local\Temp\AutoRun.exe
C:\Users\André\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\André\AppData\Local\Temp\catalyst_mobility_64-bit_util.exe
C:\Users\André\AppData\Local\Temp\CH.dll
C:\Users\André\AppData\Local\Temp\comver.dll
C:\Users\André\AppData\Local\Temp\eauninstall.exe
C:\Users\André\AppData\Local\Temp\FIFA 2005_uninst.exe
C:\Users\André\AppData\Local\Temp\jna3281351661723657235.dll
C:\Users\André\AppData\Local\Temp\jna4770932304411085280.dll
C:\Users\André\AppData\Local\Temp\jna4814522010958433371.dll
C:\Users\André\AppData\Local\Temp\jna6169265754507569653.dll
C:\Users\André\AppData\Local\Temp\jna6912594321685417377.dll
C:\Users\André\AppData\Local\Temp\jna7028951366591350982.dll
C:\Users\André\AppData\Local\Temp\jna7827818610631047807.dll
C:\Users\André\AppData\Local\Temp\MotorolaDeviceManager_2.0309.exe
C:\Users\André\AppData\Local\Temp\MotorolaDeviceManager_2.0403.exe
C:\Users\André\AppData\Local\Temp\RDtemp.exe
C:\Users\André\AppData\Local\Temp\sqlite-3.6.20-sqlitejdbc.dll
C:\Users\André\AppData\Local\Temp\{C10FF7FE-0755-4ABD-ACC5-9B26C365A432}-27.0.1453.110_27.0.1453.94_chrome_updater.exe
C:\Users\André\AppData\Local\Temp\~tmf8572745841485462304.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-06 14:56
==================== End Of Log ============================
und die Additional.txt: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by André at 2013-10-09 21:05:02
Running from C:\Users\André\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: AVG Internet Security 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
==================== Installed Programs ======================
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Reader X (10.1.8) MUI (x32 Version: 10.1.8)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.8.638)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95)
AMD Catalyst Install Manager (Version: 8.0.911.0)
AuthenTec TrueAPI (Version: 1.2.1.33)
AVG 2014 (Version: 14.0.3604)
AVG 2014 (Version: 14.0.4142)
AVG 2014 (Version: 2014.0.4142)
AVR Toolchain (x32 Version: 3.4.1.1195)
Ballance (x32)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95)
Big Rig Europe (x32 Version: 2.2.0.95)
Blasterball 3 (x32 Version: 2.2.0.95)
Bounce Symphony (x32 Version: 2.2.0.95)
Broadcom 802.11 Wireless LAN Adapter (Version: 5.60.48.61)
Cake Mania (x32 Version: 2.2.0.95)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center (x32 Version: 2011.0508.224.2391)
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0508.224.2391)
Catalyst Control Center Localization All (x32 Version: 2011.0508.224.2391)
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0508.224.2391)
CCC Help Chinese Standard (x32 Version: 2011.0508.0223.2391)
CCC Help Chinese Traditional (x32 Version: 2011.0508.0223.2391)
CCC Help Czech (x32 Version: 2011.0508.0223.2391)
CCC Help Danish (x32 Version: 2011.0508.0223.2391)
CCC Help Dutch (x32 Version: 2011.0508.0223.2391)
CCC Help English (x32 Version: 2011.0508.0223.2391)
CCC Help Finnish (x32 Version: 2011.0508.0223.2391)
CCC Help French (x32 Version: 2011.0508.0223.2391)
CCC Help German (x32 Version: 2011.0508.0223.2391)
CCC Help Greek (x32 Version: 2011.0508.0223.2391)
CCC Help Hungarian (x32 Version: 2011.0508.0223.2391)
CCC Help Italian (x32 Version: 2011.0508.0223.2391)
CCC Help Japanese (x32 Version: 2011.0508.0223.2391)
CCC Help Korean (x32 Version: 2011.0508.0223.2391)
CCC Help Norwegian (x32 Version: 2011.0508.0223.2391)
CCC Help Polish (x32 Version: 2011.0508.0223.2391)
CCC Help Portuguese (x32 Version: 2011.0508.0223.2391)
CCC Help Russian (x32 Version: 2011.0508.0223.2391)
CCC Help Spanish (x32 Version: 2011.0508.0223.2391)
CCC Help Swedish (x32 Version: 2011.0508.0223.2391)
CCC Help Thai (x32 Version: 2011.0508.0223.2391)
CCC Help Turkish (x32 Version: 2011.0508.0223.2391)
ccc-utility64 (Version: 2011.0508.224.2391)
Chuzzle Deluxe (x32 Version: 2.2.0.95)
Core Temp 1.0 RC4 (Version: 1.0)
Counter-Strike 1.6 (x32 Version: 1.6)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.95)
CyberLink YouCam (x32 Version: 3.5.1.3922)
D3DX10 (x32 Version: 15.4.2368.0902)
DAEMON Tools Lite (x32 Version: 4.47.1.0333)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Die Schlacht um Mittelerde™ II (x32)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95)
ESU for Microsoft Windows 7 (x32 Version: 1.0.0)
Evernote v. 4.2.2 (x32 Version: 4.2.2.3979)
F1 2011 (x32 Version: 1.0.0000.129)
F1 2011 (x32 Version: 1.0.0002.129)
Farm Frenzy (x32 Version: 2.2.0.95)
FATE (x32 Version: 2.2.0.95)
Fishdom (x32 Version: 2.2.0.95)
Flip 3.4.7 (x32 Version: 3.4.7)
Free YouTube Download version 3.2.0.128 (x32 Version: 3.2.0.128)
Free YouTube to MP3 Converter version 3.12.2.430 (x32 Version: 3.12.2.430)
GameSpy Arcade (x32)
GeoGebra 4.4 (x32 Version: 4.3.31.0)
Google Chrome (HKCU Version: 30.0.1599.69)
Google Earth (x32 Version: 7.1.1.1888)
Google Update Helper (x32 Version: 1.3.21.165)
GRID (x32 Version: 1.30.0000)
Heroes of Might and Magic V - Tribes of the East (x32)
HP 3D DriveGuard (Version: 4.1.16.1)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.1.12938.3539)
HP Connection Manager (x32 Version: 4.1.23.1)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7)
HP Documentation (x32 Version: 1.1.0.0)
HP DVB-T TV Tuner 8.0.64.43 (x32 Version: 8.0.64.43)
HP Games (x32 Version: 1.0.2.4)
HP On Screen Display (x32 Version: 1.1.2)
HP Power Manager (x32 Version: 1.2.3)
HP Quick Launch (x32 Version: 2.3.6)
HP Setup (x32 Version: 8.6.4530.3651)
HP Setup Manager (x32 Version: 1.1.13253.3682)
HP SimplePass 2011 (x32 Version: 5.1.0.495)
HP Software Framework (x32 Version: 4.5.10.1)
HP Support Assistant (x32 Version: 7.0.39.15)
ICQ Sparberater (x32 Version: 1.3.671)
IDT Audio (x32 Version: 1.0.6329.0)
Intel(R) Display Audio Driver (x32 Version: 6.14.00.3074)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)
Intel(R) Rapid Storage Technology (x32 Version: 10.1.2.1004)
Internet Manager (x32 Version: 22.001.18.00.748)
Java Auto Updater (x32 Version: 2.1.6.0)
Java SE Development Kit 7 Update 5 (64-bit) (Version: 1.7.0.50)
Java(TM) 6 Update 24 (64-bit) (Version: 6.0.240)
Java(TM) 7 Update 5 (64-bit) (Version: 7.0.50)
Java(TM) 7 Update 5 (x32 Version: 7.0.50)
JavaFX 2.1.1 (64-bit) (Version: 2.1.1)
JavaFX 2.1.1 (x32 Version: 2.1.1)
JavaFX 2.1.1 SDK (64-bit) (Version: 2.1.1)
Jewel Quest Solitaire (x32 Version: 2.2.0.95)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
LEGO MINDSTORMS NXT - (Deutsch) Sprachenpaket (x32 Version: 2.0.100.0)
LEGO MINDSTORMS NXT Driver for x64 (Version: 1.17.770)
LEGO MINDSTORMS NXT Migration Package (x32 Version: 1.2.8.0)
LEGO MINDSTORMS NXT Software v2.0 (x32 Version: 2.0.114.0)
Mah Jong Medley (x32 Version: 2.2.0.95)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Might & Magic Heroes VI (x32 Version: 1.8)
MotoCast (x32 Version: 2.0.31)
Motorola Device Manager (x32 Version: 2.4.3)
Motorola Device Software Update (x32 Version: 13.07.3101)
MOTOROLA MEDIA LINK (x32 Version: 1.9.0002.0)
Motorola Mobile Drivers Installation 6.2.0 (Version: 6.2.0)
MP4 To MP3 Converter V3.0 (x32)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95)
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95)
Need for Speed™ Carbon (x32)
Need for Speed™ Most Wanted (x32 Version: 1.2.0.0)
Notepad++ (x32 Version: 6.2.3)
OpenAL (x32)
Origin (x32 Version: 9.0.13.2142)
Penguins! (x32 Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95)
Polar Bowler (x32 Version: 2.2.0.95)
PX Profile Update (x32 Version: 1.00.1.)
Race Driver 2 (x32 Version: 1.01.0000)
Rapture3D 2.4.9 Game (x32)
Realtek Ethernet Controller Driver (x32 Version: 7.41.216.2011)
Realtek PCIE Card Reader (x32 Version: 6.1.7600.74)
Recovery Manager (x32 Version: 2.0.0)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0)
Skype™ 6.2 (x32 Version: 6.2.106)
Slingo Deluxe (x32 Version: 2.2.0.95)
Split/Second (x32 Version: 1.00.0000)
swMSM (x32 Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.2.4.4)
TeamSpeak 3 Client (x32 Version: 3.0.12)
TERA (x32 Version: 7)
Thrustmaster FFB Driver (x32 Version: 1.FFD.2009)
Ubisoft Game Launcher (x32 Version: 1.0.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
Update Installer for WildTangent Games App (x32)
Validity WBF DDK (Version: 4.3.118.0)
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95)
VirtualDJ Home FREE (x32 Version: 7.3)
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1)
Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1)
Wedding Dash (x32 Version: 2.2.0.95)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.2)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
Wisdom-soft AutoScreenRecorder 3.1 Pro (x32)
XMedia Recode Version 3.1.5.3 (x32 Version: 3.1.5.3)
Zuma Deluxe (x32 Version: 2.2.0.95)
==================== Restore Points =========================
26-09-2013 17:03:08 Geplanter Prüfpunkt
27-09-2013 17:38:11 Installed AVG 2014
27-09-2013 17:38:50 Installed AVG 2014
28-09-2013 10:03:17 Installiert Motorola Device Manager
02-10-2013 15:34:48 ICQ Sparberater wird entfernt
02-10-2013 15:36:20 ICQ Sparberater wird entfernt
02-10-2013 15:36:50 Removed LogMeIn Hamachi
07-10-2013 10:55:24 Installiert Ballance
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {02BC2B04-1A9D-4553-A4EB-C8F0BE7F3D62} - System32\Tasks\{68C5CA45-8F37-40E9-8467-33CCC3B9F846} => C:\André\Spiele\Call of juarez the cartel\CoJBiBGame_x86.exe
Task: {08403230-A267-445D-86DB-243C75174B46} - System32\Tasks\{D0F3134D-C087-4308-82EE-19B6BB6303E7} => C:\André\Spiele\GTA SAN ANDREAS\gta_sa.exe
Task: {10B3AEB3-0C22-4091-8009-2A5641BD7128} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {14993620-E9A4-4551-93DA-067BAAF227E5} - System32\Tasks\{46609904-96FC-4F50-9191-11BC8D322522} => C:\André\Spiele\NFSU2\speed2.exe
Task: {1A08AAAE-8053-4731-B621-1F35BDB065F4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-04] (Google Inc.)
Task: {1AC60307-E73B-43C9-856A-2E3F8CA5277D} - System32\Tasks\MotoCast Update => C:\Program Files (x86)\Motorola Mobility\MotoCast\LiveUpdate\MotoCastUpdate.exe [2012-07-24] ()
Task: {2D3BFE30-0E97-403C-B53F-B2DB2AE8CD02} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-17] (Sun Microsystems, Inc.)
Task: {2F5ED273-9EDE-4675-96F4-F529859EB632} - System32\Tasks\{087EAFD2-8177-4A76-8346-9427E20EDAAD} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.3.0.105/de/abandoninstall?page=tsProgressBar
Task: {37FD6481-0E51-4806-9A0A-CBD59E43F210} - System32\Tasks\Google Updater and Installer => C:\Users\André\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-30] (Google Inc.)
Task: {3E6438B7-EB4D-4962-9AFB-57B04BFAB016} - System32\Tasks\{DB1C9A0B-271A-48EE-9A1B-72B04CC4E323} => C:\André\Spiele\Runes of Magic\Client.exe [2013-02-01] (Runewaker)
Task: {4066D5B1-8E8D-44D4-A75E-29CF0BFEF478} - System32\Tasks\{9ED6A78B-C001-4679-9112-CD21E0BF9977} => C:\André\Spiele\Valve\CS1.6v7\hl (2).exe
Task: {415026F8-C506-466A-AD22-6B8506E226D6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-04] (Google Inc.)
Task: {4B6C805D-F7EB-4219-A1F2-994470CB2B5C} - System32\Tasks\{B4D6D971-AAB3-47F0-A156-0EFD2BCBBA62} => C:\Program Files (x86)\Codemasters\Race Driver 2\RD2.exe
Task: {5142E01E-610E-44DA-8BE9-D91C19DC0FA7} - System32\Tasks\{E644BFAD-57B5-4A5B-A6DC-99B8A59A4D7C} => Firefox.exe hxxp://ui.skype.com/ui/0/6.2.0.106/de/abandoninstall?page=tsProgressBar
Task: {5B56C224-9850-4A2B-A375-73144C9BF2C1} - System32\Tasks\{9666A072-ED34-4539-ACBC-A6CCBE893776} => C:\André\Spiele\CS 1.6v7\hl.exe
Task: {688A021C-D921-43C3-A7EF-D45D0707D4AF} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {696C1A40-98C3-4FDE-B917-0F00650EAEB6} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-01-31] ()
Task: {6AD28AD5-F132-4E97-A9CC-983AFA6740E8} - System32\Tasks\{C0879355-AB3B-4F0E-BA44-F3F59EB05C47} => C:\André\Spiele\CS1.6v7\hl.exe
Task: {7170D917-B9A7-4931-9E94-475BD1BBBB10} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3055925560-2104778183-246893781-1000
Task: {7191179F-6EDB-453A-B9AA-81EC1C15E352} - System32\Tasks\{9C9A68C1-CC4B-4D70-A691-F2F6C94526EA} => Firefox.exe hxxp://ui.skype.com/ui/0/5.1.0.104.161/de/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {8295D0CD-89C1-4752-B9AD-8C3034E66E83} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe
Task: {84F03CD1-76D4-4EB0-9846-E2B9C3A08224} - System32\Tasks\{3A7B977E-D76E-4808-87C2-3E1468FC9C58} => C:\Program Files (x86)\EA GAMES\Battlefield 1942\BF1942.exe
Task: {8EB2351D-801D-4DDF-A4E0-E996395DEEFC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3055925560-2104778183-246893781-1000Core => C:\Users\André\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-30] (Google Inc.)
Task: {A9EDD320-1191-48BD-B419-2AF51B4E06FA} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-07-31] ()
Task: {B7D5C269-0982-41E5-9645-3557DBE0DB3E} - System32\Tasks\HPCeeScheduleForAndré => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {BCDDA912-D8F2-4567-A55E-C10C499EDA17} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3055925560-2104778183-246893781-1000UA => C:\Users\André\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-30] (Google Inc.)
Task: {BFF5BD76-89E9-44CA-B536-3F517FC06574} - System32\Tasks\{C12A801C-32C9-4635-99DC-EDF2D253F160} => Firefox.exe hxxp://ui.skype.com/ui/0/6.2.0.106/de/abandoninstall?page=tsProgressBar
Task: {C3FF6E62-C401-4F41-B1C1-3DCB49E36A52} - System32\Tasks\{F53F16A7-DE0D-4E80-A914-595F78FFCD47} => C:\Program Files (x86)\DigiPen\Perspective\Perspective.exe
Task: {C4A8CDF9-A4DE-47D3-AD94-0AA4ADCC530E} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {C71CCFEF-7C07-4C28-9BE0-C69E571CF7B0} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-07-31] ()
Task: {D2ED969C-C5AB-41F3-B2C7-EA72E3200170} - System32\Tasks\{FD7160FE-49A0-4E0A-BE6E-D338A123BFBF} => C:\Program Files (x86)\Valve\hl.exe [2004-01-15] (Valve)
Task: {D38C01A3-4CD5-4246-9FC6-B128AD1DA9E0} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-03-22] (CyberLink)
Task: {D8F44EA0-C7D8-4BF9-A8C6-C6D18A8A9A5D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-20] (Adobe Systems Incorporated)
Task: {DB26B028-55D7-405D-A6D8-93B454061ACA} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-07-31] ()
Task: {E57EC0E9-80A9-46A4-B613-9BDB872373AF} - System32\Tasks\{1A742967-260A-4B02-979C-DACA6F30E70C} => C:\André\Spiele\CS1.6v7\hl.exe
Task: {EEC3C676-85FA-4D3C-AEF3-6B73DDBCA8E6} - System32\Tasks\Core Temp Autostart André => C:\Program Files\Core Temp\Core Temp.exe [2012-10-14] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3055925560-2104778183-246893781-1000Core.job => C:\Users\André\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3055925560-2104778183-246893781-1000UA.job => C:\Users\André\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForAndré.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (whitelisted) =============
2011-03-17 00:07 - 2011-03-17 00:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2011-12-06 00:06 - 2011-04-15 05:16 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-05-08 02:23 - 2011-05-08 02:23 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-05-12 14:13 - 2011-05-12 14:13 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2012-09-07 21:35 - 2012-09-07 21:35 - 00128960 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\liveupdatetactics.dll
2012-09-07 21:35 - 2012-09-07 21:35 - 00024496 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\DbAccess.dll
2012-09-07 21:37 - 2012-09-07 21:37 - 00466256 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\sqlite3.dll
2012-09-07 21:36 - 2012-09-07 21:36 - 00045992 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NAdvLog.dll
2012-09-07 21:36 - 2012-09-07 21:36 - 00034752 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NFileCacheDBAccess.dll
2013-07-08 17:49 - 2013-07-08 17:48 - 00011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2013-07-08 17:49 - 2013-07-08 17:48 - 00043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2013-07-08 17:49 - 2013-07-08 17:48 - 02415104 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2013-07-08 17:49 - 2013-07-08 17:48 - 01148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2013-06-20 23:35 - 2013-06-20 23:35 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2013-10-09 20:58 - 2013-10-09 20:58 - 00205824 ____N () C:\Users\André\AppData\Local\Temp\WindowsAPI.dll2546003279913738555.lib
2012-08-02 10:59 - 2012-08-02 10:59 - 00509440 _____ () C:\Users\André\AppData\Local\Temp\sqlite-3.6.20-sqlitejdbc.dll
2013-10-09 20:58 - 2013-10-09 20:58 - 00314368 ____N () C:\Users\André\AppData\Local\Temp\WindowsFolderWatcher.dll4057887989053556979.lib
2013-10-09 20:58 - 2013-10-09 20:58 - 00160256 ____N () C:\Users\André\AppData\Local\Temp\ZumoLocalGateway.dll5412359441473899682.lib
2012-10-19 21:46 - 2012-10-19 21:46 - 00699392 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstreamer-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 01396736 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libxml2-2.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00085504 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\z.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00030208 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstadder.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00471552 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\liborc-0.4-0.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00253440 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstbase-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00109568 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstaudio-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00053760 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstinterfaces-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00014848 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstadpcmdec.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00038400 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaiff.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00018944 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstalaw.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00048640 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstalpha.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00126976 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstcontroller-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00038912 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstvideo-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00017920 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstalphacolor.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00020480 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstamrnb.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00248352 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libopencore-amrnb.0.1.1.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00014848 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstamrwbdec.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00123947 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libopencore-amrwb.0.1.1.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00015360 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstapetag.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00133120 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgsttag-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00098304 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstpbutils-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00078848 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaudioconvert.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00020480 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaudiorate.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00052224 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaudioresample.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00019456 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstauparse.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00032256 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstautoconvert.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00029184 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstautodetect.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00123904 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstavi.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00041984 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstriff-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00212480 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstcoreelements.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00011776 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstcoreindexers.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00016896 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstcutter.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00086016 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstdecodebin2.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00091136 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstdshowdecwrapper.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00073216 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstdshowsrcwrapper.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00026624 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstequalizer.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00187904 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstffmpegcolorspace.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00069120 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflac.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00331264 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libFLAC-8.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00023552 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libogg-0.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 01694208 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstfluaacdec.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00122880 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstfluasfdemux.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 02009600 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstfluh264dec.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00033280 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumcaacenc.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00036864 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumch264enc.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00088064 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflummssrc.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 01376256 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflump3dec.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 01563136 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflump3enc.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00363008 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumpeg2video.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00531968 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumpeg4video.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00119296 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumpegdemux.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00075776 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflv.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00029696 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstgdp.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00018944 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstdataprotocol-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00037888 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstgio.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00032256 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstid3demux.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00034304 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstid3tag.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00035840 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstinterleave.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00276480 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstisomp4.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00069632 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstrtp-0.10.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00059904 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstjpeg.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00276992 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libjpeg-8.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00019456 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstlevel.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00207872 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmatroska.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00047616 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegaudioparse.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00150528 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegdemux.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00039936 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegtsmux.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00024576 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegvideoparse.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00015360 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmulaw.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00020480 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmultifile.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00025088 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmultipart.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00132608 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstogg.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00029184 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstpng.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00190976 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libpng14-14.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00035328 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstreplaygain.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00011264 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstshift.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00054784 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstsmpte.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00051712 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstsubparse.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00061952 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgsttypefindfunctions.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00059904 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideobox.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00032768 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideocrop.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00024576 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideorate.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00075776 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideoscale.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00034304 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvolume.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00053760 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvorbis.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00162304 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libvorbis-0.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 01520128 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libvorbisenc-2.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00050688 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstwavpack.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00196608 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libwavpack-1.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00042496 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstwavparse.dll
2012-10-19 21:46 - 2012-10-19 21:46 - 00013312 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgsty4menc.dll
2011-03-17 00:11 - 2011-03-17 00:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-10-05 00:16 - 2013-10-03 08:02 - 00698832 _____ () C:\Users\André\AppData\Local\Google\Chrome\Application\30.0.1599.69\libglesv2.dll
2013-10-05 00:16 - 2013-10-03 08:02 - 00099792 _____ () C:\Users\André\AppData\Local\Google\Chrome\Application\30.0.1599.69\libegl.dll
2013-10-05 00:16 - 2013-10-03 08:03 - 04055504 _____ () C:\Users\André\AppData\Local\Google\Chrome\Application\30.0.1599.69\pdf.dll
2013-10-05 00:16 - 2013-10-03 08:03 - 00415184 _____ () C:\Users\André\AppData\Local\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll
2013-10-05 00:16 - 2013-10-03 08:02 - 01604560 _____ () C:\Users\André\AppData\Local\Google\Chrome\Application\30.0.1599.69\ffmpegsumo.dll
2013-08-17 10:42 - 2013-08-17 10:42 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9ab0e818cb3d1b6930eba54179f89300\IsdiInterop.ni.dll
2011-12-06 00:05 - 2011-01-13 03:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/09/2013 08:58:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/09/2013 02:55:35 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/09/2013 01:57:49 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: hpCMSrv.exe, Version: 4.1.23.1, Zeitstempel: 0x4df7db87
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x1458
Startzeit der fehlerhaften Anwendung: 0xhpCMSrv.exe0
Pfad der fehlerhaften Anwendung: hpCMSrv.exe1
Pfad des fehlerhaften Moduls: hpCMSrv.exe2
Berichtskennung: hpCMSrv.exe3
Error: (10/09/2013 01:32:29 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: hpCMSrv.exe, Version: 4.1.23.1, Zeitstempel: 0x4df7db87
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x159c
Startzeit der fehlerhaften Anwendung: 0xhpCMSrv.exe0
Pfad der fehlerhaften Anwendung: hpCMSrv.exe1
Pfad des fehlerhaften Moduls: hpCMSrv.exe2
Berichtskennung: hpCMSrv.exe3
Error: (10/09/2013 01:30:59 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: hpCMSrv.exe, Version: 4.1.23.1, Zeitstempel: 0x4df7db87
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x1b3c
Startzeit der fehlerhaften Anwendung: 0xhpCMSrv.exe0
Pfad der fehlerhaften Anwendung: hpCMSrv.exe1
Pfad des fehlerhaften Moduls: hpCMSrv.exe2
Berichtskennung: hpCMSrv.exe3
Error: (10/09/2013 01:30:14 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: HPWMISVC.exe, Version: 2.3.1.0, Zeitstempel: 0x4cd8eed3
Name des fehlerhaften Moduls: HPWMISVC.exe, Version: 2.3.1.0, Zeitstempel: 0x4cd8eed3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000016d1
ID des fehlerhaften Prozesses: 0xb2c
Startzeit der fehlerhaften Anwendung: 0xHPWMISVC.exe0
Pfad der fehlerhaften Anwendung: HPWMISVC.exe1
Pfad des fehlerhaften Moduls: HPWMISVC.exe2
Berichtskennung: HPWMISVC.exe3
Error: (10/09/2013 00:36:07 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/08/2013 08:38:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/08/2013 06:57:24 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Might & Magic Heroes VI.exe, Version: 1.8.0.0, Zeitstempel: 0x5065b41f
Name des fehlerhaften Moduls: Might & Magic Heroes VI.exe, Version: 1.8.0.0, Zeitstempel: 0x5065b41f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00568f1c
ID des fehlerhaften Prozesses: 0x1e98
Startzeit der fehlerhaften Anwendung: 0xMight & Magic Heroes VI.exe0
Pfad der fehlerhaften Anwendung: Might & Magic Heroes VI.exe1
Pfad des fehlerhaften Moduls: Might & Magic Heroes VI.exe2
Berichtskennung: Might & Magic Heroes VI.exe3
Error: (10/08/2013 05:05:54 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (10/09/2013 08:58:13 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
prodrv06
prohlp02
prosync1
sfhlp01
Error: (10/09/2013 08:57:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Internet Manager. OUC" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (10/09/2013 08:57:57 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. OUC erreicht.
Error: (10/09/2013 08:57:17 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\prodrv06.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (10/09/2013 03:32:47 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
prodrv06
prohlp02
prosync1
sfhlp01
Error: (10/09/2013 03:32:39 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Internet Manager. OUC" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (10/09/2013 03:32:39 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. OUC erreicht.
Error: (10/09/2013 03:32:03 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\prodrv06.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (10/09/2013 02:55:18 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
prodrv06
prohlp02
prosync1
sfhlp01
Error: (10/09/2013 02:55:09 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Internet Manager. OUC" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office Sessions:
=========================
Error: (10/09/2013 08:58:23 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/09/2013 02:55:35 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/09/2013 01:57:49 PM) (Source: Application Error)(User: )
Description: hpCMSrv.exe4.1.23.14df7db87KERNELBASE.dll6.1.7601.1822951fb1116e06d73630000c41f145801cec4e69fbdd4deC:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exeC:\Windows\syswow64\KERNELBASE.dll040ddeee-30da-11e3-a6a5-ac8112d817ab
Error: (10/09/2013 01:32:29 PM) (Source: Application Error)(User: )
Description: hpCMSrv.exe4.1.23.14df7db87KERNELBASE.dll6.1.7601.1822951fb1116e06d73630000c41f159c01cec4e318e009a8C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exeC:\Windows\syswow64\KERNELBASE.dll7a6369e6-30d6-11e3-a6b7-082e5f8089eb
Error: (10/09/2013 01:30:59 PM) (Source: Application Error)(User: )
Description: hpCMSrv.exe4.1.23.14df7db87KERNELBASE.dll6.1.7601.1822951fb1116e06d73630000c41f1b3c01cec4e2e308942aC:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exeC:\Windows\syswow64\KERNELBASE.dll44c10f76-30d6-11e3-a6b7-082e5f8089eb
Error: (10/09/2013 01:30:14 PM) (Source: Application Error)(User: )
Description: HPWMISVC.exe2.3.1.04cd8eed3HPWMISVC.exe2.3.1.04cd8eed3c0000005000016d1b2c01cec4e277bc5339C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exeC:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe29d444f7-30d6-11e3-a6b7-082e5f8089eb
Error: (10/09/2013 00:36:07 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/08/2013 08:38:36 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/08/2013 06:57:24 PM) (Source: Application Error)(User: )
Description: Might & Magic Heroes VI.exe1.8.0.05065b41fMight & Magic Heroes VI.exe1.8.0.05065b41fc000000500568f1c1e9801cec44772b23e11C:\Program Files (x86)\Ubisoft\Might & Magic Heroes VI\Might & Magic Heroes VI.exeC:\Program Files (x86)\Ubisoft\Might & Magic Heroes VI\Might & Magic Heroes VI.exeb3afd89f-303a-11e3-a68a-082e5f8089eb
Error: (10/08/2013 05:05:54 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Percentage of memory in use: 39%
Total physical RAM: 6091.86 MB
Available physical RAM: 3671.18 MB
Total Pagefile: 12181.9 MB
Available Pagefile: 9324.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:447.59 GB) (Free:266.23 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:17.87 GB) (Free:1.89 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Ballance) (CDROM) (Total:0.11 GB) (Free:0 GB) CDFS
Drive g: (Intenso) (Removable) (Total:29.87 GB) (Free:29.87 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: FA5300E9)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=448 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=18 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 30 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=30 GB) - (Type=0C)
==================== End Of Log ============================
|
|
09.10.2013, 21:16
| #6 |
| /// TB-Ausbilder | Interpol-Virus Wie läuft der Rechner? Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 3 ESET Online Scanner
Bitte poste in deiner nächsten Antwort:
__________________ --> Interpol-Virus |
|
10.10.2013, 12:36
| #7 |
| | Interpol-Virus Alles durchgeführt, hier die Logdateien: Fixlog.txt: Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-10-2013
Ran by André at 2013-10-10 09:41:10 Run:2
Running from C:\Users\André\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
*****************
Default URLSearchHook was restored successfully .
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} => Key deleted successfully.
HKCR\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} => Key deleted successfully.
HKCR\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827} => Key not found.
==== End of Fixlog ====
Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.10.10.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 André :: ANDRÉ-HP [Administrator] 10.10.2013 09:44:08 mbam-log-2013-10-10 (09-44-08).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 209145 Laufzeit: 12 Minute(n), 5 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 2 HKCU\SOFTWARE\32 Vegas Casino (Adware.21Nova) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\DC3_FEXEC (Malware.Trace) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 1 C:\Users\André\AppData\Roaming\dclogs (Stolen.Data) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateien: 4 C:\Users\André\AppData\Local\Temp\comver.dll (Adware.GameSpyArcade) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\André\AppData\Local\Temp\~tmf8572745841485462304.dll (Trojan.Winlock) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\André\AppData\Local\Temp\nsb32B8.tmp\AskInstaller.exe (PUP.Optional.BundledToolBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\André\AppData\Roaming\dclogs\2013-03-04-2.dc (Stolen.Data) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=253232b4443c4f42a1158a84ac70b5c0
# engine=15425
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-10-10 09:31:16
# local_time=2013-10-10 11:31:16 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=771 16777214 16 1 16762074 16762074 0 0
# compatibility_mode=5893 16776574 100 94 7926665 133027326 0 0
# scanned=269118
# found=1
# cleaned=0
# scan_time=6248
sh=7A7CC5BD4E410191BC867D7DF6A674813215AF85 ft=1 fh=822b0427b5a010df vn="a variant of Win32/Kryptik.BMES trojan" ac=I fn="C:\FRST\Quarantine\abwdfld.plz"
|
|
10.10.2013, 13:19
| #8 |
| /// TB-Ausbilder | Interpol-Virus Ok, passt. Schritt 1 Lade dir  TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.
Schritt 2 Dein Java ist nicht mehr aktuell. Ältere Versionen enthalten Sicherheitslücken, die von Malware zur Infizierung per Drive-by Download missbraucht werden können. Die aktuelle Version ist Java 7 Update 40.
Überleg dir also, ob du eine Java-Installation wirklich brauchst. Falls du Java weiterhin verwenden möchtest, dann:
Schritt 3 Downloade und installiere den Internet Explorer 10. Der Internet Explorer sollte auch dann aktuell gehalten werden, wenn er nicht zum Surfen verwendet wird. Schritt 4 Überprüfe dann mit diesem Plugin-Check (mit dem Firefox hier), ob nun alle deine verwendeten Versionen aktuell sind und update sie anderenfalls. Cleanup Zum Schluss werden wir jetzt noch unsere Tools (inklusive der Quarantäne-Ordner) wegräumen, die verseuchten Systemwiederherstellungspunkte löschen und alle Einstellungen wieder herrichten. Auch diese Schritte sind noch wichtig und sollten in der angegebenen Reihenfolge ausgeführt werden.
>> OK << Wir sind durch, deine Logs sehen für mich im Moment sauber aus.  Ich habe dir nachfolgend ein paar Hinweise und Tipps zusammengestellt, die dazu beitragen sollen, dass du in Zukunft unsere Hilfe nicht mehr brauchen wirst. Bitte gib mir danach noch eine kurze Rückmeldung, wenn auch von deiner Seite keine Probleme oder Fragen mehr offen sind, damit ich dieses Thema als erledigt betrachten kann. Epilog: Tipps, Dos & Don'ts  Aktualität von System und SoftwareDas Betriebsystem Windows muss zwingend immer auf dem neusten Stand sein. Stelle sicher, dass die automatischen Updates aktiviert sind:
Auch die installierte Software sollte immer in der aktuellsten Version vorliegen. Speziell gilt das für den Browser, Java, Flash-Player und PDF-Reader, denn bekannte Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim blossen Besuch einer präparierten Website per Drive-by Download Malware zu installieren. Das kann sogar auf normalerweise legitimen Websites geschehen, wenn es einem Angreifer gelungen ist, seinen Code in die Seite einzuschleusen, und ist deshalb relativ unberechenbar.
Sicherheits-SoftwareEine Bemerkung vorneweg: Jede Softwarelösung hat ihre Schwächen. Die gesamte Verantwortung für die Sicherheit auf Software zu übertragen und einen Rundum-Schutz zu erwarten, wäre eine gefährliche Illusion. Bei unbedachtem oder bewusst risikoreichem Verhalten wird auch das beste Programm früher oder später seinen Dienst versagen (z.B. ein Virenscanner, der eine verseuchte Datei nicht erkennt). Trotzdem ist entsprechende Software natürlich wichtig und hilft dir in Kombination mit einem gut gewarteten (up-to-date) System und durchdachtem Verhalten, deinen Rechner sauber zu halten.
Es liegt in der Natur der Sache, dass die am weitesten verbreitete Anwendungs-Software auch am häufigsten von Malware-Autoren attackiert wird. Es kann daher bereits einen kleinen Sicherheitsgewinn darstellen, wenn man alternative Software (z.B. einen alternativen PDF Reader) benutzt. Anstelle des Internet Explorers kann man beispielsweise den Mozilla Firefox einsetzen, für welchen es zwei nützliche Addons zur Empfehlung gibt:
(Un-)Sicheres Verhalten im InternetNebst unbemerkten Drive-by Installationen wird Malware aber auch oft mehr oder weniger aktiv vom Benutzer selbst installiert. Der Besuch zwielichtiger Websites kann bereits Risiken bergen. Und Downloads aus dubiosen Quellen sind immer russisches Roulette. Auch wenn der Virenscanner im Moment darin keine Bedrohung erkennt, muss das nichts bedeuten.
Oft wird auch versucht, den Benutzer mit mehr oder weniger trickreichen Methoden dazu zu bringen, eine für ihn verhängnisvolle Handlung selbst auszuführen (Überbegriff Social Engineering).
Nervige Adware (Werbung) und unnötige Toolbars werden auch meist durch den Benutzer selbst mitinstalliert.
Allgemeine HinweiseAbschliessend noch ein paar grundsätzliche Bemerkungen:
Wenn du möchtest, kannst du das Forum mit einer kleinen Spende unterstützen. Es bleibt mir nur noch, dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen. 
__________________ cheers, Leo |
|
10.10.2013, 13:49
| #9 |
| | Interpol-Virus So, vielen vielen Dank für die große Hilfe! Alles hat super geklappt und mein PC ist sauber! Ich werde Malwarebytes behalten und es öfters durchführen. Danke für alles! LG F1Bauer |
|
10.10.2013, 13:50
| #10 |
| /// TB-Ausbilder | Interpol-Virus Danke für die Rückmeldung. Freut mich, dass wir helfen konnten.  Falls du dem Forum noch Verbesserungsvorschläge, Kritik oder ein Lob mitgeben möchtest, kannst du das hier tun. Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Ich bekomme somit keine Benachrichtigung mehr über neue Antworten. Solltest du das Thema erneut brauchen, schicke mir bitte eine PM und wir machen hier weiter. Jeder andere bitte diese Anleitung lesen und einen eigenen Thread erstellen.
__________________ cheers, Leo |
|
Linear-Darstellung
